Information Security Management System Policy

TH-EY S&D LTD commits to maintaining and continually improving an effective Information Security Management System (ISMS) in accordance with ISO/IEC 27001 to ensure the protection of its own information and data, as well as that of its clients and business partners.

This policy applies to all departments of the Company and to all resources, processes and systems related to the processing, storage and transmission of information.

Top Management commits to:

• Providing the necessary resources for the effective implementation and maintenance of the Information Security Management System.
• Complying with all information security obligations defined within the framework of ISO/IEC 27001.
• Taking action to continually improve the Information Security Management System and enhance information security.

The main objectives of the Company’s Information Security Management System include:

• Protecting the confidentiality, integrity and availability of information.
• Minimising information security risks.
• Ensuring compliance with ISO/IEC 27001 requirements and other applicable regulations.
• Systematically enhancing staff qualifications and awareness in response to evolving cyber threats.

Regular reviews of the Information Security Management System and the conduct of internal audits will help identify areas requiring improvement. The Company commits to the continual improvement of the Information Security Management System based on the results of these reviews.